Tim Starling writes, > https://bugs.launchpad.net/mailman/+filebug
Thanks, Tim. After a quick look at the bug tracker and other docs, I can say the issue had been reported long ago (at least a decade), and was on its way to getting fixed a couple of years ago in Mailman 2.2. However, I'm not sure that 2.2 ever made it out. (Wikitech-l is currently running on Mailman 2.1.9; the latest release looks to be 2.1.13.) The good news: the problem has been fixed in Mailman 3.0: "Get rid of password reminders altogether. Encrypt member passwords and use a password reset feature instead of a reminder. (Done)" The bad news: Mailman 3.0 is in alpha release right now -- probably not ready to use yet. Though it is currently under active development, so maybe sometime relatively soon. References: Bug #266390 in GNU Mailman: “Storing of passwords” https://bugs.launchpad.net/mailman/+bug/266390 SourceForge.net: Mailman: Detail: 209499 - Security hole: passwords mailed in clear http://sourceforge.net/tracker/index.php?func=detail&aid=209499&group_id=103&atid=100103 Milestones : GNU Mailman https://launchpad.net/mailman/+milestones Mailman 3.0 - Development - Confluence http://wiki.list.org/display/DEV/Mailman+3.0 Pete _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
